Static task
static1
Behavioral task
behavioral1
Sample
85976e96abd5987e03dd92ebc85a7a80_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
85976e96abd5987e03dd92ebc85a7a80_JaffaCakes118
-
Size
480KB
-
MD5
85976e96abd5987e03dd92ebc85a7a80
-
SHA1
13dc53e48c06405269a99d25941821deba13c5b4
-
SHA256
843332724092e4b31828555fb9ed67bfd62cffd1908917b223d5bf1a8f17745d
-
SHA512
a1031d4cd43f0ec9f894e0d457e687de0a62cd5cde6f5c2c2902d5bc85bebbc94b087fa5cf93f73aa1982cb63ddcf097161f3295821165b650fbdecae9f225c8
-
SSDEEP
12288:cE++BhtjJKOlxuQsxlAEVtkCCq8M74wASUHl9S:G+BY4DqlAMk0z7yV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 85976e96abd5987e03dd92ebc85a7a80_JaffaCakes118
Files
-
85976e96abd5987e03dd92ebc85a7a80_JaffaCakes118.exe windows:4 windows x86 arch:x86
cebec99455df8a7950134c0a94ee54f9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CallWindowProcA
kernel32
GetProcAddress
CopyFileA
LoadLibraryA
msvbvm60
ord516
ord626
__vbaCopyBytes
ord669
ord593
ord595
ord598
ord631
ord632
ord525
ord527
ord529
DllFunctionCall
ord600
__vbaExceptHandler
ord711
ord606
ord607
ord608
ord716
ord717
ProcCallEngine
ord535
ord537
ord644
ord645
ord570
ord648
ord681
ord100
ord616
ord617
ord580
Sections
.text Size: 72KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 404KB - Virtual size: 403KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ